News

Chrome Will Soon Red Flag Unsafe Websites

Google has always been way ahead of the game when it comes to browsing securely.

For the last eight years Gmail service has run over an encrypted connection by default and moved to the standard four years ago. In their final move to block roaming eavesdroppers, this summer the Chrome browser will begin to “label” any website unsecure if it’s not encrypted.

Time to get those SSL certs in place!

This action goes into effect in July with the release of Chrome 70, fulfilling a promise Google made three years ago.

How will this move affect you? If you use Chrome, you will start noticing lots of “not secure” warnings on the left side of the browser at the top of your screen. Don’t worry, you have probably been going to these sites all along without realizing they weren’t encrypted, but be cautious if you are exchanging money or private information.

Is Encryption Difficult to Get? No–for small websites it’s very easy. Certainly, encryption used to be a cost prohibitive, sluggish beast that made it difficult for most users to acquire, but these days you can get an SSL certificate for free thanks to non-profits like “Let’s Encrypt. A larger website may need to make some adjustments in their coding to remain compliant.

Why the Need to Encrypt?
First, encryption keeps malicious actors from messing with webpages — for example, inserting ads or altering websites to send you to a bogus sign-in page. It also protects your browsing history, even looking at particular news stories or Wikipedia pages can reveal personal information to advertisers or, in some parts of the world, political surveillance agents.

Encryption also makes catching bad guys a heck of a lot harder for authorities who used to simply wiretap phones and record conversations. FBI Director Christopher Wray in January spoke against unbreakable encryption, a common theme among politicians and law-enforcement officials.

The only problem with their concern is that there’s no way to make encryption breakable for legitimate investigations without breaking it for logging in to websites, buying books on Amazon, and protecting privacy. For this reason, encryption proponents and Silicon Valley companies have strongly opposed weakening encryption.

Other browsers are moving towards encryption with measures similar to Chrome’s. And they’re also incentivizing website developers by offering new web technology only when websites are encrypted.

Encryption is now the new standard. According to Firefox statistics, 70 percent of webpage visits now are encrypted, up from about 28 percent three years ago.

Google announced the move on its Chromium blog, offering tips to web developers who have to wrestle with the transition. According to Google’s measurements, 81 of the top 100 websites today encrypt websites by default. More than 68 percent of traffic on Chrome for Android and Windows is encrypted now, and the figure is even higher, 78 percent, for laptops running Apple’s MacOS and Google’s Chrome OS.

“Developers have been transitioning their sites to HTTPS [encryption technology] and making the web safer for everyone. Progress last year was incredible,” Emily Schechter, Chrome’s security product manager, said in the blog post.

If you need help transitioning your business website to comply with the new standards give EnhancedTECH a call at 714-970-9330 or contact us at [email protected] for a complimentary consultation.

Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.